Threat Landscape Briefing – January 2024

In this month’s briefing we explore:

• Microsoft Copilot Brings New Opportunities … for Data Security Challenges (1:01)
  • From a data security perspective, Microsoft’s new AI tool Copilot raises some serious concerns.
  • See Info-Tech’s Address Security and Privacy Risks for Generative AI.
• Critical Vulnerability in Apache OFBiz Aggressively Targeted (3:31)
  • A vulnerability in an open-source ERP system is being aggressively targeted by threat actors.
  • See Info-Tech’s Establish Effective Security Governance & Management.
• Cyberspies Exploiting TeamCity Vulnerability at Scale (5:19)
  • On December 13, 2023, government security agencies reported that the Russian Foreign Intelligence Service (SVR) was exploiting vulnerabilities in servers hosting JetBrains’ TeamCity Software.
  • See Info-Tech’s Build Your Security Operations Program From the Ground Up.
• Dozens of Credit Unions Impacted by Service Provider Ransomware Attack (8:34)
  • Ongoing Operations, a technology partner that provides credit unions with data analytics, business intelligence and other services, was a victim of a ransomware attack on November 26.
  • See Info-Tech’s Implement Risk-Based Vulnerability Management.